Desperate Facebook poisons the well, spamming disenchanted users with torrents of notifications, including through 2FA

Originally published at: https://boingboing.net/2018/07/21/poisoning-the-well.html

1 Like

With one click you can send all those emails to spam. But what if the next one is a really good one? And the next… and the next…

2 Likes

Given the circumstances under which Stamos left Yahoo I’m wondering if his departure from Facebook is about more than the platform’s stubborn refusal to root out disinformation trolls. We know that ICE is already making a big push to collect travellers’ social media IDs, and Zuckerberg seems just the sort to co-operate with them just as he makes excuses for allowing Holocaust deniers to spread their poison on his platform.*

[* tangentially on that topic, here’s how responsible operators of comment forums handle such things – spoiler: they ban it immediately]

12 Likes

Zuckerberg2020…

3 Likes

Keep running Zuck.

image

4 Likes

This behavior is reminiscent of a flopping and gasping fish.

4 Likes

I for one, appreciate the FB continually provides me with concrete reasons to never, ever sign up for FB.

27 Likes

Advertising is vile anyway, but the Facebook business model of grooming suckers to be targets for advertisers… Well, I was going to call it despicable, but it’s actually kind of funny. Maybe they’ll be left with a bunch of bots sending each other messages just for “clicks”.

3 Likes

The only reason I still belong to FB is so I can torture my red state relatives by posting “liberal media” news stories about the racist criminal currently inhabiting the White House.

9 Likes

I get these via email. Three or four a day, now. Funny, they stopped sending me the notifications on groups that I requested (over and over again, as they continually change the account & privacy settings).

I don’t want to continue with FB, but a volunteer group I work with uses FB as their only communication channel. I want to know if someone posts on the group’s pages, so I can read the notices or find out about upcoming events. Do I get those notices? Nope. But someone I knew through something 5 years ago leaves a comment, FB thinks I care and will drop everything to click thru. Nope nope nope.

7 Likes

My god, at this point I look at Facebook users almost like I look at trump supporters. You know it’s as bad as bad can get, but they keep using it to the detriment of their personal lives. trump cult meet Facebook cult.

3 Likes

An email? Yes.

But an SMS text message? You can only block those by user, rendering 2FA useless.

3 Likes

I never joined Facebook, or Twitter, or any other “social” media sites. I’ve never regretted it. Rather, I question the intelligence of those who did.

2 Likes

2FA shouldn’t be through SMS anyway. Download a TOTP app and use that for 2FA. Ex: Google Authenticator, or Authy

Ok. So, how did you accidentally send half a billion SMS’?

7 Likes

Every app you install is an additional security risk. Using SMS means you don’t have to take that risk.

1 Like

Hey Alfred, what did you have for dinner tonight and were you dining alone?

2 Likes

No, you don’t have to take the risk from an app installing if you use SMS. But you come across a much more dangerous risk by using SMS: SIM hijacking. Hackers can get a SIM with your phone number, then be able to get your 2FA authenticator sent to them. This was just 2 days ago on BB!

With an app, it doesn’t necessarily have to be on a phone. it could be on your smartwatch, or a more dedicated device. A phone is just handy for most people.

1 Like

… this was a “bug” and that the company would halt the practice.

Would facebook be able to prove this claim by publishing some sort of chain-of-custody of the development of the feature in which the bug occurred?

I figure that and application as big as facebook has to have some sort of project management software. The chain-of-custody would encompass the buggy-feature’s flow thought inceptionprioritizationdevelopmenttestingQA, etc

Do such protocols/investigations exist in software development ? Would that be considered a piece of the field of software forensics?

1 Like

This is a post about the awful service and not about the awfulness of the people who use it, and your demonstrable superiority to them.

2 Likes